Many communications devices, both wireless and wired, have the capability of being remotely managed by a device management server. A typical device management server can remotely configure devices, send updates, and perform diagnostics. Without remote management over a network, a device would need to be brought to a service center, or the like, in order to carry out many management actions. This is time consuming, inconvenient, and costly. Hence, it is desirable for devices that operate in a network environment to support features for remote device management. To this end, each communications service provider typically operates its own device management server which is capable of managing the devices that operate on its network.
For a device to be remotely managed, it needs to securely interact with a management server in a management session. Typically, to initiate such an interaction, the device presents a password (the “device password”) to the management server that the server can verify to authenticate the device, and the management server presents a password (the “server password”) to the device that the device can verify to authenticate the server. This ensures mutual authentication prior to starting a management session.
Service providers typically obtain the devices used on their networks from Original Equipment manufacturers or OEMs. These devices are then sold to customers of the service providers. The passwords required for remote management of devices are typically communicated by out-of-band means (e.g., mail) to the customers, who then enter the passwords into their respective devices. In addition to programming each device with its device password, each device must also be programmed with the server passwords of the management servers with which it is to interact.
This process, however, is error prone, compromises security, and depends on users to enter data before using their devices. Moreover, it does not address the issue of providing the device passwords to the device management servers. In addition, changes in server passwords will require re-programming of the devices with the new server passwords.
The need exists, therefore, for improved systems and methods of providing communications devices and device management servers with the relevant credentials needed to carry out management sessions.